HiveMQ

Connect MQTT broker with pre-signed url

Hi,

I’m having trouble with connecting mqtt broker with pre-signed url which looks like :
wss://…eu-central-1.amazonaws.com/mqtt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=…&X-Amz-Date=20211004T170341Z&X-Amz-SignedHeaders=host&X-Amz-Signature=…2e&X-Amz-Security-Token=…

val mqttClient: Mqtt5AsyncClient = com.hivemq.client.mqtt.mqtt5.Mqtt5Client.builder()
        .identifier(UUID.randomUUID().toString())
        .serverHost(url.host)
        .serverPort(443)
        .sslWithDefaultConfig()
        .webSocketConfig(
            MqttWebSocketConfig.builder()
                .serverPath("/mqtt")
                .queryString(url.query)
                .subprotocol("ws")
                .build()
        )
        .addConnectedListener {
            Timber.v("<------------------ connected !")
        }
        .addDisconnectedListener {
            Timber.v("<------------------ disconnected ! ${it.cause}")
        }
        .buildAsync()

        mqttClient.connectWith()
            .send()
            .whenComplete { connAct, throwable ->
                if (throwable != null) {
                } else {
                }
            }

This is my implementation, but keep throwing 403 forbidden error. When I test with MQTTExplorer, it connects successfully with the signed url. The screenshot shows how I set up the configuration

Anything I’m missing here? I couldn’t find the solution.

Hello Dooyong,

Thank you for your interest HiveMQ and trying our HiveMQ Client library! We are happy to help you with your use case. Could you please clarify, what exactly are you trying to achieve?

Note, that connecting a HiveMQ Client to AWS IoT Core not possible with MQTTv5 client since AWS IoT Core in not compatible with MQTTv5 specification yet.

  1. Are you using wss:// or ws://? I am asking because your screenshot and the snippet of your code do not match one another.
  2. What encryption and certificate are used? Are those the same on your screenshot and in your code?
  3. Which other information is encoded in your pre-signed URL, like host, port etc.?
  4. Is your serverPath /mqtt consistent with your Basepath mttt?X-AMz-...?

Please come back to us with missing info and we will be glad to help you with your use case.

Kind regards,
Daria from HiveMQ